Generally, a digital rights management (DRM) is a total digital content protection technique capable of preventing illegal copy and use of a digital resource and allowing only a legally authorized user to use the digital resource. The DRM provides a total protection framework for the overall production and distribution of the digital resource. For example, the digital resource is transformed into encrypted data in a package form using an encryption technique, and the corresponding digital resource cannot be used without a legal authentication process.
Such a DRM becomes the base of a stable and legal resource service as it is connected with various resource service models. In practice, each of the current service providers employs its own DRM to protect the resources that it provides. For example, in case of a sound source service for providing sound sources through on-line, the sound sources that are encrypted as a specific encryption pattern are provided so as to prevent illegal copy. The sound sources are reproducible only by an application provided by the service provider.
However, since the DRM has an exclusive property technically or politically in terms of its characteristics, different DRMs are not compatible with one another. Accordingly, the resource provided by a specific service provider cannot be used with an application provided by another provider, which actually restricts the universal use of the DRM resources, thus resulting in a serious problem that obstructs the development of the legal content market.
Accordingly, various attempts to provide an interoperable framework between the closed DRM structures have been made, and a typical result is a DRM interoperable system. The DRM interoperable system may be a system that mediates between DRMs different from each other so as to exchange and use resources or licenses.
In order to implement the DRM interoperable system, it is necessary to provide a scenario that can define objects of the system and connect the system objects. Especially, in the system where the transfer of the content or license is frequently made like the DRM interoperable system, a high security in communication between devices is required. Accordingly, such systems require procedures and techniques related thereto capable of performing authentication and secure communication between the devices.